Speaking at BlakcHat MEA 2022

Monday. December 05, 2022 - 4 mins

Riyadh, Saudi Arabia recently hosted BlackHat MEA (Middle East & Africa), the largest security conference in the Middle East and Africa region.

BlackHat MEA featured a range of events, including an Executive Summit, Technical tracks, a Drone Hacking village, a Car Hacking village, a live Tesla hacking event, and a startup competition..

My Talk

I have had the opportunity to speak this year at BlackHat, where I presented my latest research, titled “Demystifying Practical DDoS Attacks”.

What I liked at BlackHat, and why you should apply next year

When arriving at the Riyadh airport (King Khalid International Airport), this vehicle was waiting for all speakers.

This is just one of the nice tokens of hospitality the conference made. It honestly leaves an amazing impression about the conference.

The organization of the conference was impressive. It was clear that a lot of effort had gone into planning and coordinating the event. This was evident in the high quality of the talks, the smooth logistics of the venue, the activities designed for students, and the startup competition. Overall, it was a well-organized and professionally-run conference.

Awesome talks

I didn’t have the opportunity to see as many talks as I would have liked at BlackHat MEA due to the multiple tracks running simultaneously. However, I was able to catch a few really interesting presentations. I’m looking forward to the release of the conference recordings online so that I can catch up on the talks that I missed. For next year’s conference, I hope that there will be fewer tracks so that attendees can more easily plan which talks to attend.

“Disrupting Ransomware” By Lance James
“Assume Breach” By Caleb Sima
“Human Security Engineering – A Holistic Approach To Addressing Human Incidents” By Ira Winkler
“I Bet Nobody Ever Thought To Do This With A Camel..” By Chris Roberts
“Apt Hunting And The Threat Intelligence Dilemma” By Salah Altokhais
“Dotdumper: Automatically Unpacking Dotnet Based Malware” By Max Kersten
“Wipermania: An All You Can Wipe Buffet” By Max Kersten
“Turbocharging Ioc Validation: Become A More Efficient CTI Analyst” By Arwa Alomari
“So Many Devices, So Little Time” By Joseph Mccray
“Abusing Azure Virtual Machines” By Tarek Naja
“The Evolution Of Ios Security” By Prateek Gianchandani
“What The Waf: Scalable, Multi-cloud, Automated Security Using Waf” By Khaled Farah
“An Attacker’s Perspective” By Quinn Carman
“Supply Chain Attacks Are The New High Watermark” By Milad Aslaner
“Scaling Soc And Ir Teams To Defend Kubernetes Based Workloads” By Milad Alnaser

Photos for the memory 💚

Quinn Carman, the former NSA red team chief presented a talk on how adversaries are approaching targets and patterns seen across different engagements. Talk: An Attacker’s Perspective

Ira Winkler shared an interesting perspective about today’s industry approach to solving Human Security challenges, and how organizations can improve and address security awareness risks. Talk: Human Security Engineering – A Holistic Approach To Addressing Human Incidents

Lance James speaking about building a Ransomware remediation system. Talk: Disrupting Ransomware

Salah Altokhais giving a talk: “Apt Hunting And The Threat Intelligence Dilemma”

Arwa Alomari presented a talk on data enrichment of IOCs, and automating CTI analysis. Talk: Turbocharging Ioc Validation: Become A More Efficient CTI Analyst

Max Kersten presented an analysis of various wipers attacks in the past years, along with similarities in their development and execution. Talk: “Wipermania: An All You Can Wipe Buffet”

With Chris Roberts!

Our 971Sec Booth, is a UAE-based cyber security community. My favorite security community of all time.

BlackHat MEA venue at night.

Final Thoughts

I would like to thank the Saudi Federation for Cyber Security, Programming, and Drones for bringing BlackHat to the MENA region, and organizing an excellent event.

Till next year!

Mazin Ahmed

Thoughts of a hacker